Method and System for Conducting High Speed, Symmetric Stream Cipher Encryption

ABSTRACT

A method is provided for processing a digital information set having a plurality of information bytes. The method comprises receiving the information set, determining a set of initialization parameters, initializing a set of state variables using the set of initialization parameters, and generating a plurality of cryptors, each cryptor being a virtual dynamic array containing a monoalphabetic cipher. The method further comprises modifying the state variables and one or more of the cryptors, setting the index value for each cryptor in the plurality of cryptors; and selecting an ordered cryptor subset to be applied to an information byte. The information byte is processed using the ordered cryptor subset to produce a processed information byte. If the information byte is a plaintext byte, the processed byte is an encrypted byte, and vice versa. The actions of modifying, setting, selecting, and processing are then repeated for each remaining information byte.

FIELD OF THE INVENTION

The field of the present invention relates generally to the science ofcryptography, and more particularly to symmetric stream cipher systemsand methods for encrypting and decrypting digital data. The presentinvention may generally be used to encrypt and decrypt information toprotect data transmitted through communication systems or stored on adevice such as a computer disk drive.

BACKGROUND

Several classes of cryptography algorithms are currently used to encryptand decrypt data. Two classes of algorithms generally include symmetrickey and asymmetric key (public key) algorithms. In asymmetric, or publickey, cryptography, the key used to encrypt a message is not the same asthe key used to decrypt it. The encryption key is public and widelydistributed, and the decryption key is private and known only to theauthorized recipient of the message. Public key algorithms, however, arevery computationally intensive and the encryption and decryptionoperations are slow even on small amounts of data. Symmetric keyalgorithms, on the other hand, can be executed much faster whileproviding commensurate and even stronger levels of cryptographicsecurity.

There are currently three prevailing published symmetric key algorithms:the Data Encryption Standard (DES), triple DES, and the AdvancedEncryption Standard (AES). Each of these symmetric key algorithmsdivides plaintext and ciphertext into blocks of a specified size forencryption and decryption. This is known as a block cipher and generallyinvolves operations on blocks of digits with a fixed, unvaryingtransformation. These algorithms are related in that each utilizes thesame type of sub-operations to encrypt a block of plaintext into a blockof ciphertext, and the same type of inverse sub-operations to decrypt ablock of ciphertext into a block of plaintext. Block cipher algorithmshave inherent limitations, however, which include slower executionspeeds than stream ciphers (discussed below) and require more hardwarecomplexity. Further, messages that do not match the block size (e.g. 128bits) require the generation of padding text to complete the block.Additionally, block cipher algorithms encrypt identical blocks ofplaintext into identical blocks of ciphertext using the same key.

Stream ciphers, on the other hand, encrypt the bits or bytes of amessage one at a time, rather than in blocks as in block ciphers, andideally do not encrypt identical plaintext into identical ciphertext.Further, stream ciphers typically execute at a higher speed than blockciphers and require lower hardware complexity, and can therefore be usedin smaller applications, such as on mobile phones.

Certain aspects of the present invention relate to the stream cipherconcepts designed and developed for use in rotor machines,electro-mechanical polyalphabetic devices that produced periodicsequences of monoalphabetic ciphers, each of which were used to encrypta character of plaintext. Rotor machines were the standard cryptographicinstruments adopted for military use by the Allied and German forces inthe years before and during World War II. However, history records thatmost adversaries were generally successful at breaking enemy ciphersgenerated by such machines, mainly due to the methods adopted forregular stepping of one or more codewheels to new rotational positionsbefore each character was encrypted, as well as flaws in the proceduresfor field operation and operator errors.

Rotor machines of this type were originally invented and patented byEdward H. Hebern. Improved versions were subsequently patented and madefamous by Arthur Scherbius (e.g., ENIGMA) and later by Boris C. W.Hagelin (e.g., the eM209 and M211 machines), William Frederick Friedman(e.g., the Converter M-134-C, M-228, and M-325 machines), LaurenceSafford and Seiler (the ECM Mark 11 machine, a.k.a. SIGBA) and others,including the TSEC/KL-7 (code named ADONIS) used by the NationalSecurity Agency into the 1970s.

The fundamental principle supporting each of these rotor machines is theserial application of a set of rotatable codewheels, each encrypting aninput character via a monoalphabetic cipher to an output character thatis then used as an input to the next codewheel in the sequence. Eachintermediate encryption result in the sequence is affected by therotational position of the corresponding codewheel. The initial inputvalue is the plaintext byte and the final output value is the ciphertextbyte. The state of the machine is then modified by the automaticrotation of one or more of the codewheels to a new position and the nextcharacter is then encrypted. Some rotor machines had additionalfeatures, such as a plugboard that supported a number of cables withjacks that switched pairs of various input plaintext values in an effortto thwart cryptanalysis attacks.

A codewheel was typically a circular wheel made of bakelite or ceramicmaterial with wiring that mapped each input contact to a differentoutput contact, establishing a single monoalphabetic cipher. Each codewheel could be rotated in these machines to as many positions as therewere members in the plaintext alphabet, each different positionproducing a different ciphertext output character for the same plaintextinput character. Consequently, for an alphabet size of 26 (α=26), eachcodewheel logically represented 26 different monoalphabetic ciphers asdetermined by its position. Even assuming an alphabet size of only 26,rotor machines supporting four codewheels (φ=4) generated approximately450,000 (i.e., 26⁴) different monoalphabetic ciphers before repeating anencryption with the same position of all codewheels. Later rotormachines, supporting six such codewheels (φ=6), had a cycle ofapproximately 309,000,000 (i.e., 26⁶) monoalphabetic ciphers. Increasingeither the size of the alphabet (α) or the number of codewheels (φ)expands the periodic cycle dramatically. For instance, the Soviet Unionused a rotor machine with 10 codewheels each having a monoalphabeticcipher of 30 Cyrillic characters (α=30; φ=10), yielding approximately590 trillion different monoalphabetic ciphers (i.e., 30¹⁰).

Regardless of the number of codewheels employed, conventional rotormachines were still subject to cryptanalysis attack. Successfulcryptanalysis methods and strategies involved deriving statisticalinformation about the structure and content of individual codewheelsemployed during the encryption sessions as well as the steppingalgorithm that systematically drove the rotor machine to the next state.Since multiple codewheels were supplied which could be mounted invarious combinations, order, and positions, the cryptanalysis effortsrequired to break the ciphertext produced by such machines was immense,particularly before the advent of modern computing and networkedsupercomputers. Even today, many historical messages enciphered by suchrotor machines have yet to be deciphered simply because the availablemessage traffic for particular sets of codewheels is too small forcryptanalysis to yield meaningful results.

In general, such prior art rotor machines were constructed with a“reflector” rotor that guided electronic impulses back through the setof rotors such that the ciphertext generated by each character of thealphabet was pair-wise symmetric. That is, in any given state, ifencryption of the letter B produced the ciphertext letter X, thenencryption of the letter X produced the ciphertext letter B. Thus, arotor machine initialized in the same state could be used for eitherencryption of plaintext or decryption of ciphertext. While this strategygreatly simplifies operations by eliminating additional equipment andprocedures, it introduces significant cryptanalysis vulnerabilities.

Furthermore, conventional rotor machines had major operational drawbacksin that they required costly and complex procedural efforts to provideoperational support. Multiple sets of identical codewheels had to beconstructed in secret and protectively distributed to authorizedparties, and their introduction into operation had to be carefullycoordinated. Many such sets were used for months, even years, due to theeffort required to initiate new sets. Detailed operational instructionswere necessary, directing painstakingly meticulous steps to ensure thatthe exact setup and initialization process for each base session wasabsolutely correct since any deviation resulted in unintelligibleciphertext even to authorized recipients. Usually these setupinstructions changed daily, thus adding to the complexity. A typicaloperational procedure required the following steps to produce each dailybase session:

-   -   A container with the correct set of codewheels was selected;    -   an exact subset of 4, 5 or 6 codewheels was extracted from the        container;    -   the selected subset of codewheels was mounted into the machine        in a specific order;    -   each mounted codewheel was adjusted to a specific position; and    -   cables were then connected to specific pairs of plugboard jacks.        Once the daily base session settings were established, each        encrypted message was usually preceded with directions        specifying minor changes made to the base session settings prior        to the encryption of the associated message. For example, one or        more rotors might be adjusted to a different rotational        position.

Another significant issue was the manpower required for communicationssecurity. Thoroughly trained operators were absolutely essential forsuccessful, secure communications using conventional rotor machines, andmilitary forces had special attachments dedicated to such efforts.Multiple operators were assigned to oversee each session initiation andoperation in an effort to avoid incorrect setups. Still, history revealsthat during extended periods of operations, errors were unavoidable,many of them contributing to successful cryptanalysis efforts byadversaries. For example, some messages were transmitted that had beenaccidentally encrypted with the wrong settings, and then immediatelyretransmitted after being correctly encrypted using slightly differentsettings—a serious cryptographic mistake. Also, some procedures actuallyrequired duplicating portions of encrypted message headers, creatinganother serious vulnerability.

Early rotor machines utilized a regular odometer-like stepping algorithmfor repositioning codewheels, which is a critical design flaw due to thefact that if each letter of the alphabet is processed while a number ofcodewheels are held fixed in their respective positions, thecryptographic effect produced by the fixed set is identical to thatproduced by a single monoalphabetic cipher. Thus, sequentially advancingthe first codewheel until a full revolution occurs, then stepping thesecond codewheel, and resuming stepping of the first, is actuallyequivalent to having only two codewheels in use for a period determinedby the size of the alphabet.

Later rotor machines addressed this vulnerability by introducing morecomplex and irregular stepping methods that made cryptanalysis much moredifficult. One such example is the aforementioned TSEC/KL-7 thatintroduced two additional banks of secondary codewheels whose solepurpose was to produce a variable stepping sequence for the primarycodewheels of the rotor machine. The TSEC/KL-7, however, was stillsubject to the other disadvantages of conventional, physical rotormachines, such as the complex procedures and operational support thatwere required for such devices. Even with the TSEC/KL-7, thecryptographic protection produced by such conventional rotor machineswas basically generated by varying the initial installation, ordering,and positioning of a group of fixed codewheels selected from arelatively small, distributed set, and devising irregular methods ofrotating the codewheels as encryption proceeded.

Many of these prior art rotor machines have now been implemented assoftware computer applications that exactly mimic their performance.However, such applications are merely simulations of prior art rotormachines. No instance of an improved virtual rotor machine has beenpublicly disclosed.

SUMMARY OF THE INVENTION

An aspect of the present invention provides a method for processing adigital information set having a plurality of information bytes. Themethod comprises receiving the information set, determining a set ofinitialization parameters, initializing a set of state variables usingthe set of initialization parameters, and generating a plurality ofcryptors, each cryptor being a virtual dynamic array containing amonoalphabetic cipher and having an associated index value representinga rotational position of the cryptor. The method further comprisesmodifying the state variables and one or more of the plurality ofcryptors, setting the index value for each cryptor in the plurality ofcryptors; and selecting an ordered cryptor subset to be applied to aninformation byte. The selected one of the plurality of information bytesis processed using the ordered cryptor subset to produce a processedinformation byte. The actions of modifying, setting, selecting, andprocessing are repeated for each remaining information byte of theinformation set, each performance cycle of the actions of modifying,setting, selecting, and processing constituting a process iteration. Themethod also comprises assembling the processed information bytes fromall process iterations to form an output information set.

Other aspects and advantages of the invention will become apparent fromthe following descriptions which, taken in conjunction with theaccompanying drawings, illustrate the principles of the invention by wayof example.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a generic symmetric-keyencryption process;

FIG. 2 is a block diagram of an encryption method according to anembodiment of the invention;

FIG. 3 is a block diagram of a decryption method according to anembodiment of the invention;

FIG. 4 shows the basic construct of a CASE statement in PASCAL;

FIG. 5 shows the basic construct of a FOR statement in PASCAL;

FIG. 6 shows the basic construct of an IF . . . THEN statement inPASCAL;

FIG. 7 shows an example PASCAL function Calculate that illustrates thefunctional definitions used in subsequent figures;

FIG. 8 shows a SwapAll function that illustrates a method of modifyingthe contents of a cryptor according to an embodiment of the invention;

FIG. 9 shows a BuildCryptor function that illustrates a method ofgenerating the contents of a cryptor according to an embodiment of theinvention;

FIG. 10 shows a BuildInverse function that illustrates a method which,for any given cryptor, builds an inverse cryptor containing the uniquemonoalphabetic cipher which exactly reverses the encryption affects ofthe cryptor according to an embodiment of the invention;

FIG. 11 shows a ShiftStates function that illustrates a method forunpredictably modifying the internal states of the stream cipher of theinvention according to an embodiment of the invention;

FIG. 12 shows an Encrypt function that illustrates a method ofencrypting plaintext data bytes according to an embodiment of theinvention;

FIG. 13 shows a Decrypt function that illustrates a method of decryptingciphertext data bytes according to an embodiment of the invention;

FIG. 14 shows a ApplyPrivateKey function that illustrates a firstexemplary method of modifying the monoalphabetic cipher contents ofevery cryptor in the large plurality of cryptors during initializationof the stream cipher according to an embodiment of the invention;

FIG. 15 shows an ApplySessionString function that illustrates a secondexemplary method of modifying the monoalphabetic cipher contents ofevery cryptor in the large plurality of cryptors during initializationof the stream cipher according to an embodiment of the invention;

FIG. 16 shows a MorphAllCryptors function that illustrates a thirdexemplary method of modifying the monoalphabetic cipher contents ofevery cryptor in the large plurality of cryptors during initializationof the stream cipher according to an embodiment of the invention;

FIG. 17 shows a ModifySession function that illustrates an exemplarymethod of wholly modifying all current internal states of the streamcipher of the invention according to an embodiment of the invention;

FIG. 18 shows a NewSession function that illustrates an exemplary methodof generating all initial internal states of the stream cipher of theinvention, including the large plurality of cryptors and thecorresponding plurality of inverse cryptors, according to an embodimentof the invention;

FIG. 19 is a schematic illustration of an encryption processor accordingto an embodiment of the invention; and

FIG. 20 is a schematic illustration of a cryptographic system accordingto an embodiment of the invention.

DETAILED DESCRIPTION OF THE INVENTION

The present invention introduces innovative strategies and concepts thatrevolutionize encryption technology based on the concepts of traditionalrotor machines. Such machines, and their computer-simulatedcounterparts, use various stepping algorithms to rotationally repositiona small set of static codewheels mounted in a fixed relative order toproduce periodic sequences of monoalphabetic ciphers used to encryptplaintext bytes. In stark contrast, the stream cipher of the presentinvention effectively constitutes a virtual polymorphic chamber thatpseudo-randomly generates essentially aperiodic sequences of virtualdynamic rotor machines, each used to encrypt only a single plaintextbyte. This polymorphic chamber is comprised of a large plurality ofdynamic codewheels (referred to herein as “cryptors”) whosemonoalphabetic cipher contents are constantly subject to unpredictablealterations prior to each process iteration. Then, for each processiteration, a subset of the current large plurality of cryptors ispseudo-randomly selected, ordered, and rotationally positioned within avirtual “cryptor machine” to encrypt the next plaintext byte. Theonce-used cryptor machine is then logically discarded before the nextprocess iteration. Using such polymorphic cryptors instead of fixedconfiguration codewheels, the stream cipher of the present inventioneliminates all static aspects of conventional rotor machines,constituting a major sea-change to this technology.

It will be understood that the embodiments of the invention aredescribed using various terms (e.g., rotor or codewheel) relating tocryptographic rotor machines. As used herein, such terms may refer notonly to the components of mechanical rotor machines but also toanalogous components of virtual rotor machines operating on or throughthe use of a computer or other data processor. In that regard,embodiments of the stream cipher methods disclosed herein may beexecuted on a machine which may be a programmable or pre-programmeddigital computer or an application-specific dedicated device.

Operating, for example, on a computing device or implemented within oneor more dedicated processors, the methods disclosed herein are extremelyefficient and are capable of providing data encryption at speedssufficient to support the demands of modern network communications. Theprocess is also scalable, allowing multiple independent instances of theinvention, driven by separate processors, to be created and coordinated,linearly increasing throughput with each additional instance. Such anapproach further increases the overwhelming cryptanalysis challengepresented by only a single instance of the invention.

The exemplary methods of the invention illustrated herein repeatedlygenerate virtual cryptor machine instances, each assembled using asubset of different cryptors selected from a large plurality ofcryptors. The varying configurations of these virtual cryptor machineinstances are determined by the exemplary methods using a set ofvariables that are referred to herein as the machine's internal statevariables and are referenced throughout the illustrative functions thatspecify the initialization, encryption, and decryption processes.

Aspects of the present invention pseudo-randomly allow for, inter alia,the simulated intermittent rotation (i.e. changing of an associatedindex or offset value) of all cryptors, continual variation of theselected subset of different cryptors as well as the order in which theyare applied, and the progressive, pseudo-random modification andregeneration of the monoalphabetic content of all cryptors. Furthermore,as part of the initialization of every encryption session, the largeplurality of initially installed cryptors are pseudo-randomly generatedrather than merely pseudo-randomly selected and ordered from apre-existing distributed set. Every installed cryptor may be generatedusing one or more shared-secret parameters to correctly interpretextremely detailed instructions contained within a string of bytevalues, referred to herein as a “sessionstring.” Such sessionstrings maybe publicly exchanged by cooperating parties prior to the initializationof each encryption session. The exemplary embodiment of the inventionillustrates methods that ensure that even a single bit variation in sucha sessionstring, or anywhere within the set of shared-secret parameters,results in wholesale changes to each and every cryptor generated duringinitialization.

The present invention is extremely efficient and allows for high-speedencryption of digital data sufficient to support modern networks. Duringsuch high-speed encryption sessions, the monoalphabetic cipher withineach cryptor may have a life expectancy of only a few milliseconds. Inan illustrative embodiment of the invention, every cryptor is wholly andunpredictably altered within every full cycle of 65,536 encryptioniterations by pseudo-random pair-wise exchanges that alter the locationof every value in the monoalphabetic cipher. Further, after 65,536cycles, every cryptor has been completely replaced with the factoredproduct of two pseudo-randomly selected cryptors.

As noted above, the stream cipher of the present invention generatesessentially aperiodic sequence of virtual cryptor machines, each suchmachine being used to encrypt only a single plaintext byte. Eachgenerated virtual cryptor machine is pseudo-randomly constructed byselecting, ordering, and rotationally positioning each member of arelatively small subset chosen from a larger set of dynamic, polymorphiccodewheels (“cryptors”). Unlike the prior-art codewheels that containedfixed monoalphabetic ciphers, the polymorphic cryptors of the disclosedinvention are totally dynamic. Every cryptor of the stream cipher of theinvention may be unpredictably and repeatedly subjected to wholesalemodifications (“morphings”) that alter the location of values within itsmonoalphabetic cipher. Each such morphing dramatically alters not onlythe individual cryptor, but also directly impacts the set of potentialvirtual cryptor machines that may subsequently be constructed to encryptplaintext bytes, as well as significantly altering the effects producedby subsequent morphings.

The invention also allows expansion of the plaintext alphabet toinclude, for example, all 256 values {0 . . . 255} that may berepresented in a digital data byte having eight binary bits. As willbecome evident, the entropy introduced by expanding the alphabet toinclude values not used by most plaintext introduces no significantcryptanalysis vulnerabilities. An enlarged alphabet not only allows forencryption of all digital data, it also produces a non-linear increasein the total number of unique monoalphabetic ciphers (256 factorial fora 256 value alphabet), any of which may be contained within a cryptor.Further, an enlarged alphabet exponentially increases the number ofalternative rotational positions of the subset of cryptors selected foreach virtual cryptor machine instance.

Another significant innovation of the invention is that each cryptor maybe pseudo-randomly regenerated and/or unpredictably altered by one ormore pair-wise exchanges of the monoalphabetic cipher contents of thecryptor. This innovation is referred to herein as cryptor morphing. Thenew cryptor produced by each such morphing can be used to significantlyalter the set of possible results of all subsequent morphings. Whilemorphing can be accomplished by any of a wide variety of techniques, twoparticularly effective strategies are described below.

Another innovation of the invention is the introduction of a variablestepping process that exploits the dynamic nature of the large set ofcryptors, using their combined, continually changing monoalphabeticcipher contents as a source for unpredictable sequences of values. Thesesequences are produced by stepping index values through differentperiodic cycles, each referencing every byte value within the largeplurality of continually changing cryptors. The invention uses thepseudo-random values produced by these cycles of sequences to directvarious tasks performed for each encryption iteration.

Yet another noteworthy innovation of the present invention is theintroduction in some embodiments of a separate decryption process thatperfectly reverses the effects of the encryption process using a set ofinverse cryptors, entirely eliminating the use of a “reflector” and theassociated vulnerabilities. The fact that the stream cipher of theinvention might encrypt the plaintext letter B into the ciphertextletter X imposes absolutely no requirement that the ciphertext letter Bbe produced by encrypting the plaintext letter X in the same state. Theinvention constantly maintains a unique set of inverse cryptors thatexactly correspond to the current set of cryptors, each inverse cryptorcontaining the unique monoalphabetic cipher that exactly reverses theeffects of encryption by the corresponding cryptor for each character ofthe plaintext alphabet.

In an alternative embodiment, the method of the invention may beconfigured so that a separate decryption process is not required. Inthis embodiment, a target byte is pseudo-randomly selected and encryptedusing the selected subset of cryptors. The encrypted target byte is thenapplied to a plaintext byte of the message to be encrypted using aBoolean exclusive-or operator (or other appropriate mathematicaloperation) to produce a ciphertext byte. A new target byte is thenpseudo-randomly selected, encrypted and applied to the next messagebyte, until the entire message has been encrypted. A message encryptedusing this approach may be decrypted by passing the encrypted messagethrough the same encryption process using the same initializationparameters. The only difference is that this time, the input message isa ciphertext message, which when processed according to the same methodas the original plaintext message will result in the exact reproductionof the plaintext message.

Aspects of the present invention will now be discussed in more detail.

An illustrative aspect of the stream cipher of the disclosed inventionprovides a computer-implemented method for encrypting and decryptingplaintext information sets having a plurality of information bytes. Theencryption method of the invention is carried out by first initializingthe internal state variables of the encryption device. This may be done,for example, using a public information string and a private informationstring, as is discussed in more detail below. The encryption method thenpseudo-randomly performs the tasks of modifying the set of internalstate variables and, based on the new set of state variables, selectingan ordered subset of, for example, 5 different cryptors from a largeplurality of cryptors, assigning each selected cryptor in the subset arotational position, and then constructing a virtual cryptor machine byinstalling the selected cryptors in the order of selection and adjustingeach cryptor in the rotor machine to its assigned rotational position.The encryption method further comprises sequentially applying each ofthe cryptors in the virtual rotor machine in order, using theirpre-adjusted positions to encrypt the plaintext information byte. Theprocessed result from the application of each cryptor is used as theinput byte for the next cryptor in the sequence. The processed resultfrom application of the final cryptor is the final encrypted informationbyte. Each complete performance of the pseudo-random tasks of modifying,selecting, assigning, constructing, installing adjusting, andsequentially applying, constitutes an encryption iteration, which isperformed for each plaintext information byte of the information set.The encryption method further comprises assembling the encryptedinformation bytes from all encryption iterations to form the ciphertextoutput information set.

In some embodiments, a decryption method of the invention may be carriedout by initializing the internal state variables of the invention usingthe same public information string and private information string thatwas used to initialize the corresponding encryption session, generatingan additional large plurality of inverse cryptors, each of whichcontains the unique inverse monoalphabetic cipher of the correspondingcryptor in the large plurality of cryptors. The decryption method thenpseudo-randomly performs the tasks of modifying the set of internalstate variables and, based on the new set of state variables, selectingthe subset of 5 inverse cryptors from the large plurality of inversecryptors that correspond with the subset of cryptors selected from thelarge plurality of cryptors during the encryption process, assigningeach inverse cryptor in the subset the same rotational position used topre-adjust each cryptor during encryption, and constructing a virtualinverse cryptor machine by installing each of the selected inversecryptors in the reverse order of selection with no rotationaladjustment. The decryption method further comprises the tasks ofsequentially applying each inverse cryptor in the virtual inversecryptor machine, post-adjusting the intermediate result from eachinverse cryptor with its assigned rotational position, the resultingvalue being used as the input byte to the next inverse cryptor in thesequence, the post adjusted results of the final inverse cryptoryielding the unencrypted plaintext information byte. Each completeperformance of the tasks of pseudo-randomly modifying, selecting,assigning, constructing, installing, sequentially applying apost-adjusting, constitutes a decryption iteration, which is performedfor each ciphertext information byte of the information set. Thedecryption method further comprises assembling the decrypted informationbytes from all decryption iterations to form the plaintext outputinformation set.

In the exemplary embodiment, the polymorphic chamber of the streamcipher of the invention contains a transitory set of 256 cryptors fromwhich a subset of 5 different cryptors are pseudo-randomly selected,ordered, and rotationally positioned to construct a virtual cryptormachine instance for each encryption iteration. Thus, each virtualcryptor machine instance may contain any one of the possible1,057,145,886,720 (the product: 256×255×254×253×252) unique, orderedsubsets of 5 different cryptors. Further, a different rotationalposition may be independently assigned to each of the 5 cryptors in thevirtual cryptor machine, allowing exactly 1,057,145,886,720 differentpositional possibilities for every virtual cryptor machine instance soconstructed, each different set of positions producing a differentmonoalphabetic cipher with which to encrypt the single plaintext byte.These two values are therefore multiplicative, resulting in theexemplary embodiment of the invention choosing from among more than 10²⁴different possible monoalphabetic ciphers to encrypt each plaintextcharacter. Further, this huge set of possible alternatives is whollytransitory across process iterations since the polymorphic chamber is ina constant state of flux.

If desired, it is a simple exercise to anyone skilled in the art toincrease the size of the subset selected to build such virtual cryptormachines. For example, selecting a subset of six cryptors increases the10²⁴ number of possible alternative monoalphabetic ciphers by amultiplicative factor of 63,001 (251×251) with only a small percentageincrease in processing costs. Similarly, an increase to eight cryptorsin each virtual cryptor machine instance would result in exponentiallyincreasing the number of possible monoalphabetic ciphers to considerablymore than 10³⁸ alternatives, with only a corresponding linear percentageincrease in processing costs.

Any or all of the internal state variables of the exemplary embodimentof the stream cipher of the invention may be modified prior to theencryption of each byte of plaintext. Ultimately, the entire set ofvalues within the polymorphic chamber of the stream cipher is modifiedfor every full cycle of 65,536 encryption iterations.

The state modifications performed prior to the encryption of eachplaintext byte dramatically alter the monoalphabetic cipher of adifferent cryptor using the first of two exemplary innovative morphingstrategies once every 256 iterations. After every full cycle of 65,536iterations, all cryptors have been similarly modified ensuring that thelocation of every value in every cryptor has been changed. Additionally,after every 65,536 iterations, two cryptors may be pseudo-randomlyregenerated by the second exemplary innovative morphing strategy,ultimately regenerating all cryptors within every 8,388,608 iterations.These changes dramatically affect the sequences of pseudo-random valuesthat direct the processes of the invention, the rotational positions ofthe cryptors used to encrypt each plaintext byte, and the more than onetrillion alternative cryptor machines that are candidates forconstruction during subsequent encryption iterations.

The stream cipher system of the present invention greatly enhancessecurity over that of typical block cipher systems which always encryptidentical plaintext blocks into identical ciphertext blocks using thesame key, creating cryptographic vulnerabilities. Additionally, thestream cipher system of the present invention is computationally fastrelative to systems based on public key algorithms. Finally, in theexemplary embodiment, the inverse decryption logic uses a step-by-stepprocess that mirrors the encryption process using a set of inversecryptors to reverse the effects of encryption. The decryption processinvolves the initial generation of the set of inverse cryptors andreconstruction of the corresponding inverse cryptor whenever a cryptoris modified or replace.

For purposes of illustration, FIG. 1 shows a general symmetric-keyencryption process. In symmetric-key cryptography, a sender 10 is ableto securely send a plaintext message 11 to a receiver 12. The sender 10and receiver 12 share a private key 14, which is used by an encryptionprocessor 13 to encrypt the plaintext message 11 into ciphertext 16. Theprivate key 14 is also used by a decryption processor 15 to decrypt theciphertext 16 and reproduce the plaintext message 11.

In general, symmetric stream cipher systems may use one or moreshared-secret keys in combination with an additional, generated initialvalue to establish protected communication sessions using a relativelysimple strategy or protocol. For example, a shared-secret key, knownonly by the communicating entities, is used by each entity only tocreate encryption sessions to protect communications with the other. Thecommunicating entities typically recognize each other using previouslyagreed upon unique identities. Either entity wishing to establishprotected communications with another entity first pseudo-randomlygenerates an initial value. This first entity then inputs the initialvalue and the shared-secret key into a stream cipher initializationfunction to create an initial machine state that will be used by thefirst entity to encrypt plaintext to produce ciphertext. The firstentity then transmits his unique identifier and the initial value,unencrypted, over a communication channel to the second entity.

Upon receipt of this communication, the second entity, recognizing theidentifier, inputs the shared-secret key associated with the firstentity and the received initial value into the initialization functionof the same stream cipher initialization function to create an identicalinitial machine state, allowing the second entity to decrypt ciphertextsubsequently received from the first entity into plaintext. The secondentity then repeats the process by pseudo-randomly generating a separateinitial value used with the shared-secret key to create a differentstream cipher session that will subsequently be used to encrypt messagessent to the first entity. The second entity then transmits theunencrypted initial value to the first entity, which is then able tocreate the exact same session for decrypting ciphertext subsequentlyreceived from the second entity. Once the two separate sessions havebeen successfully created by both entities, protected communications maybe used to exchange encrypted challenges and responses that assure eachentity that the other has successfully established the correctdecryption session, a secure dual-authentication protocol.

More sophisticated strategies would use such initial stream ciphersessions only to protect the exchange of additionally generatedtemporary information values that are then used to create two secondarysessions using entirely different input parameters to the stream cipherinitialization function. The initial sessions are then closed and thesecondary sessions are used to protect all subsequent communications.The purpose of such strategies is to ensure that any session createdusing a shared-secret key with a publicly exchanged initial value isnever used to encrypt plaintext whose content is subject to frequencyanalysis.

FIG. 2 illustrates a generalized method M100 of encrypting a messageaccording to an embodiment of the invention. The method begins at S100and at S110 a plaintext message to be processed is received. At S120, anencryption session is created by initializing the internal statevariables based on a set of initialization parameters. Theseinitialization parameters may be established using a sessionstring andshared-secret keys as described above. A set of cryptors having Mmembers is then generated. The initialization function is designed toestablish the entire set of internal state variables, including thecryptors, in an unpredictable manner.

The number of cryptors, M, is essentially unrestricted. In anillustrative configuration that will be used in the examples presentedherein, M=256, meaning the system uses a set of 256 cryptors. Forcomputation purposes, the cryptors may be contained in a cryptor tablehaving M members. At S130, the machine state may be selectivelymodified, potentially changing the rotational positions of some or allof the M cryptors and/or the monoalphabetic cipher contents of one ormore of the M cryptors. As used herein, the term “rotational position”is used to refer to the computational analog (such as an associatedindex or offset value) of the rotational orientation of a mechanicalcodewheel, which determines the output character produced for any giveninput character. At S140 a subset of cryptors having N members isselected from the overall set of M cryptors to build an instance of avirtual cryptor machine. As will be discussed, virtually any methodologymay be used to select the members of this cryptor subset, as would beunderstood by one of ordinary skill in the art.

At S150 the N cryptors are installed in the virtual cryptor machine inthe order selected and each is set to its assigned rotational position.The assigned rotational position may be the rotational positionpreviously assigned to the cryptor or a newly determined position. AtS160, all N cryptors in the virtual cryptor machine are sequentiallyapplied in the order installed to encrypt the plaintext byte. At S170,the encrypted data byte is stored as the next ciphertext byte. At S180,a determination is made as to whether all of the message bytes have beenprocessed. If additional message bytes remain to be processed, themethod returns to S130, a new machine state is established and actionsS140-S180 are repeated. If, at S180, it is determined that all plaintextbytes of the received message have been encrypted, the ciphertextmessage is output at S190 and the method ends at S199.

The number of cryptors selected, N, may vary in different embodiments.In the examples used herein, N=5, meaning that 5 cryptors aresequentially applied to encrypt the data byte by each virtual cryptormachine instance. The manner in which cryptors are selected may alsovary. A particular pseudo-random method used in certain embodiments ofthe invention is discussed in more detail below.

FIG. 3 illustrates a method M200 that can be used to decrypt aciphertext message produced according to some embodiments of theinvention. The ciphertext message is received at S210. The ciphertextmessage may be successfully decrypted only by a receiver using the sameinitialization parameters to create at S220 an identical session to thatused to encrypt the original plaintext message. A set of M cryptorsidentical to the original set of M cryptors used to produce theciphertext message is generated. In this method, however, a set of Ninverse cryptors is also generated, each cryptor in the inverse cryptorset containing the unique monoalphabetic cipher that exactly reversesthe effects of encryption by the corresponding cryptor for eachcharacter of the plaintext alphabet. The rotational positions of some orall M cryptors, as well as the monoalphabetic cipher contents of one ormore of the M cryptors are then modified at S230 exactly as would havebeen done at S130 in FIG. 2. Corresponding modifications are also madeto the inverse cryptors. At S240, a subset of cryptors having N membersis selected from the set of M inverse cryptors. At S260, each of the Ninverse cryptors is installed in the virtual inverse cryptor machine inthe reverse of the order of selection with no rotational adjustment. AtS260, each plaintext byte is decrypted by sequentially applying all Ninverse cryptors in the virtual inverse cryptor machine in the orderinstalled to decrypt the data byte, post-adjusting each intermediateresult with the assigned rotational position of the inverse cryptor,thereby decrypting the ciphertext byte which is stored as the nextplaintext byte at S270. At S280, a determination is made as to whetherall of the ciphertext message bytes have been processed. If additionalmessage bytes remain to be processed, the method returns to S230, a newmachine state is established and actions S240-S280 are repeated. If, atS280, it is determined that all ciphertext bytes of the received messagehave been decrypted, the plaintext message is output at S290 and themethod ends at S299.

Specific aspects of exemplary methods of the invention will now bediscussed in more detail. To aid those of ordinary skill in the art tounderstand the present disclosure and the exemplary embodiments, thedetails of the methods will be described in the context of softwareimplemented functions. The functions illustrated within the figuresherein have been designed with a fundamental concern for simplicity andclarity. The actual design of an apparatus incorporating the streamcipher methods should employ extremely efficient implementationstrategies, including such measures as conditional jump tables,inline-coding versus inefficient function calls, and machine level logicthat exploits the use of 8-bit registers and shift-registers thatautomatically produce results in the range {0 . . . 255}, among manyothers.

Terminology used in the descriptions follows the conventions used in thePASCAL programming language. It should be noted that neither theillustrated functions nor any particular values used in theillustrations are to be interpreted as constraints upon the disclosedmethods or devices for carrying out the purposes of the presentinvention.

General Terminology

To eliminate ambiguity, certain terms used herein are explicitly definedas follows:

-   -   Array A group of entities arranged in a sequence associating        each entity with an index, the first entry always having an        index of zero.    -   Byte A single entity of eight consecutive binary bits, numbered        {7 . . . 0} in which the left-most bit is the high-order bit,        (2⁷) and the right-most bit is the low order bit (2⁰), having a        range of values [0 . . . 255].    -   Integer A single entity of 32 consecutive binary bits, numbered        {31 . . . 0} in which the left-most bit is the high-order bit,        (2³¹) and the right-most bit is the low order bit (2⁰), having a        range of values [0 . . . 4,294,967,295].    -   Plaintext Byte(s) to be encrypted by the invention.    -   Ciphertext Byte(s) generated by the invention by encrypting        plaintext.    -   CipherKey^(N) An array of N bytes containing each value in the        range [0 . . . (N−1)] exactly once in no specific order,        constituting a monoalphabetic cipher.    -   Cryptor A dynamic, polymorphic CipherKey²⁵⁶.    -   Morphing The modification of a CipherKey^(N) achieved by        swapping pairs of bytes, changing the location of byte values        within the monoalphabetic cipher contents in a manner that        yields a valid CipherKey^(N).    -   Stream Cipher An algorithm that directly encrypts bytes of        plaintext into ciphertext and decrypts bytes of ciphertext into        plaintext or that may be used to generate streams of        pseudo-random byte values that may be used to encrypt plaintext        and decrypt ciphertext.

PASCAL Functions

For simplicity and consistency, basic constructs of the programminglanguage PASCAL are used to illustrate embodiments of the inventiondisclosed herein. However, other programming languages and techniquesmay be used to produce exactly the same functionality, producing thesame encryption or decryption results with similar efficiency. Thefollowing six symbols are used within these illustrations:

-   -   ← Store operation    -   + Arithmetic operator: addition    -   − Arithmetic operator: subtraction    -   ̂ Boolean operator: and    -   {circle around (×)} Boolean operator: exclusive-or    -   = Boolean Condition: equal to

FIGS. 4-6 show the set of PASCAL language constructs used for theexemplary process descriptions disclosed herein. Specifically, FIG. 4shows the basic construct of a CASE statement. In PASCAL, a CASEstatement executes only the instructions within the braces { } for theidentified Value(s) of Variable. A range of Values is optional,specified using the structure: V1 . . . V2, where V2 is greater than V1.No instructions are executed for any unspecified Value(s), and noduplicates are allowed within sets of Value(s).

FIG. 5 shows the basic construct of a FOR statement. The FOR statementrepeatedly executes the instructions within the braces { } until theVariable has been assigned each consecutive value from [Low . . . High]using an increment of one.

FIG. 6 shows the basic construct of an IF . . . THEN statement. The IF .. . THEN statement executes the instructions within the braces { } if,and only if, the Boolean Condition is true.

The PASCAL statements and operators discussed above are used withinfunction definitions, each of which describes whether or not thefunction is provided to EXTERNAL processes as well as providing thefunction name, any parameter(s) and parameter type(s), an optional LOCALVARIABLES list, and the specific operations performed. The function nameis underscored both for definition and reference. Any parameters orLOCAL VARIABLES are assigned a type (Array, Byte, or Integer) which isseparated from the related variable name(s) by a colon (:), withmultiple parameters of the same type separated by comma(s) and differentparameter types separated by semicolons (;).

As an example, FIG. 7 illustrates a Calculate function, which is definedas a function that is not available to EXTERNAL processes, with fourparameters including an integer output variable and three integer inputparameters, has no LOCAL VARIABLES, and sets the output variable, Value,equal to the sum of the first two input values minus the third inputvalue. This function may be referenced as follows:

Calculate(N, 80, 10, 50)

This particular instance of the function call would result in the valueof the variable N being set to 40. Note that constants used asparameters in function calls are passed as values (call by value), whilevariables are passed as address references, allowing functions to modifythe variables (call by name).

EXTERNAL functions are available to EXTERNAL user processes as well asthe INTERNAL processes. The function descriptions do not containparameter checks that should be implemented to ensure that only wellconstructed parameters are submitted to the EXTERNAL functions, and thatthe stream cipher has been properly initialized before requests areaccepted to encrypt or decrypt data. All INTERNAL functions definedherein assume that all parameters fall within expected limits and may beeither constants (byte or integer) or variables of the expected type.

Internal State Variables

The methods of the invention involve the construction of a virtualstream cipher machine consisting of a set of variables that are referredto herein as the machine's internal state variables and are referencedthroughout the illustrative functions that specify the initialization,encryption, and decryption processes. The internal state variables areitalicized when referenced herein.

CryptorTable Array of 256 cryptors InverseTable Array of 256 cryptorsInc Byte IndexLo Byte IndexHi Byte X Byte Y Byte Z Byte

During repeated sequences of encryption/decryption iterations, anexemplary embodiment of the stream cipher of the invention continuallyand unpredictably modifies the monoalphabetic cipher contents of allcryptors selectively using either of two innovative morphing strategies.The dynamic qualities of the cryptors within the CryptorTable thereforeprovide ideal sources of constantly varying sequences of values that maybe produced by sequentially stepping index values through differentcycles, each cycle producing index references to each of the 65,536bytes contained within all 256 cryptors in the CryptorTable. Thisillustrates only one of many alternative concepts developed and testedto exploit such sequences. The exemplary embodiment of the inventionintroduces two internal state byte variables, IndexLo and IndexHi, whichare variably stepped and used in combination to reference each uniqueindex location within the CryptorTable for each full cycle of 65,536iterations. These stepping sequences are driven by the variable, Inc,which is stepped through all odd values [1, 3 . . . , 253, 255]. Thisstrategy generates 128 different cycles, each full cycle producing adifferent sequence of the possible 65,536 unique index references. Everyvalue in the CryptorTable changes location during each cycle,dramatically impacting the resulting sequences of values that would beproduced if the cycle were repeated, which only occurs after a total of8,388,608 steppings.

For each encryption iteration, IndexLo is variably stepped by addingInc, assuring that each value {0 . . . 255} occurs in IndexLo exactlyonce for every 256 steppings. After each full cycle of IndexLo, IndexHiis stepped by subtracting Inc, assuring that each value {0 . . . 255}also occurs in IndexHi exactly once for every 256 steppings. After eachfull cycle of IndexHi, the value of Inc is stepped by two until reachingthe value 255, whereupon Inc is reset to 1.

Process Description

The detailed technical description of the exemplary embodiment of thestream cipher of the invention is presented in four separate sections:

-   -   State Modification Functions    -   Encryption Function    -   Decryption Function    -   Initialization Functions        The initialization of the stream cipher must be performed first        to generate the initial internal states. However, the functional        descriptions are presented as listed above in order to define        each function before it is referenced by other functions.

State Modification Functions

The four exemplary INTERNAL functions, illustrated in FIGS. 8-11, may beused during initialization to generate all internal state variables ofthe exemplary embodiment of the stream cipher, and used subsequently toselectively modify one or more internal state variables prior toencrypting (decrypting) each plaintext (ciphertext) input byte. Thefirst three of these functions are called upon by other functions eitherto modify an existing cryptor (SwapAll function), to generate a newcryptor (BuildCryptor function), or to construct an inverse cryptor(BuildInverse function). All three functions produce a cryptorcontaining a valid monoalphabetic cipher.

The present disclosure introduces only two of many alternative morphingstrategies that have been designed, implemented and evaluated by theinventor, some of which progressively but unpredictably swap only singlepairs of bytes within selected cryptors, and others that use a variablenumber of selected cryptors to entirely regenerate the monoalphabeticcipher contents of new cryptors. Obviously, replacing even a singlecryptor in the CryptorTable using either of these methods considerablyalters the potential results of all subsequent encrypting and morphingprocesses.

The first exemplary morphing strategy, illustrated by the SwapAllfunction (FIG. 8), accepts a Method value and a Guide cryptor as inputswhich are used to generate 128 pairs of unique values used to swap theentries within the Target cryptor. Each of the possible 256 differentMethod values {0 . . . 255} produces a different sequence of 128byte-pairs, every byte value occurring exactly once in each sequence.Since any of the 256 cryptors may have its entire monoalphabetic ciphercontents altered in a manner that produces any one of 65,536 differentcryptors, any one of a potential 16,777,216 alternative cryptors may begenerated and introduced as a replacement within the CryptorTable at anygiven instance by the SwapAll function.

Similarly, a second exemplary morphing strategy, illustrated by theBuildCryptor function (FIG. 9), initially constructs and stores acryptor in the local cryptor, Temp, protecting the contents of bothinput cryptors from corruption during the process. Ordering of thecontents of the new cryptor, Temp, is determined by the input cryptor,First. The values stored into Temp are determined by the contents of theinput cryptor, Second, whose sequence of values are effectivelyscrambled by combining the input value, Factor, with the local indexvariable, B, using the Boolean exclusive-or operation. The cryptor inthe CryptorTable at the Entry index is then replaced by the cryptor inTemp. Any two of the 256 cryptors in the CryptorTable may be used asinputs, combined with any of the possible 256 different Factor values {0. . . 255}. Thus, the generated cryptor produced by this “factoredmultiplication” may be any one of the 16,777,216 possible alternativesat any given instance. Further, the newly generated cryptor may be usedto replace any one of the cryptors in the CryptorTable as specified bythe value, Entry, which introduces another factor of 256 possibilitiesoffered by this second morphing strategy, yielding a total of4,294,967,296 different possible results affecting the contents of theCryptorTable.

The exemplary BuildInverse function (FIG. 10) constructs a cryptor inthe InverseTable which contains the unique monoalphabetic cipher that isthe exact inverse of the corresponding cryptor in the CryptorTable, forany given index, Entry.

The exemplary ShiftStates function (FIG. 11) selectively modifies theset of internal state variables of the stream cipher prior to theencryption of each plaintext byte in a pseudo-random manner that ensuresthat generated ciphertext is unpredictable and essentially aperiodic.The ShiftStates function variably combines the internal state bytevariables IndexLo and IndexHi to produce indexes used to select valueswithin the large plurality of cryptors in the CryptorTable to direct itstasks. These two state byte variables are variably stepped byadding/subtracting the internal state byte, Inc. After each stepping ofIndexHi, the corresponding cryptor in the CryptorTable is totallymodified by a pseudo-random morphing using the SwapAll function, thesupplied Guide cryptor and Method value being derived from pseudo-randomresidue values retained from the previous process operations in theinternal state byte variables X, and Y. Thus, for each full cycle ofIndexHi, the ShiftStates function will have altered all 256 cryptors inthe CryptorTable so dramatically that every unique byte value withinevery cryptor has been shifted to a different location. After eachstepping of Inc, two adjacent cryptors in the CryptorTable specified bythe new value in Inc are completely replaced by cryptors built by theBuildCryptor function, again supplying all input parameters derivingfrom pseudo-random residue values retained from the previous processoperations in the internal state byte variables X, Y, and Z. After eachfull cycle of Inc, every cryptor in the CryptorTable has been replacedin this manner.

The actions of the ShiftStates function may also pseudo-randomly affectthe rotational position of all cryptors, logically assigning a newposition to each cryptor in the CryptorTable (and its correspondinginverse cryptor) for each process iteration.

For simplicity, the exemplary ShiftStates function performs the sametasks for sessions created for both encryption and decryption, althoughthe inverse cryptors do not affect encryption results. Therefore, it ispossible to construct a separate, more efficient ShiftStates functionfor encryption-only sessions since the inverse cryptors need not bemaintained.

Encryption Process

The Encryption Process performs the task of generating ciphertextbyte(s) by encrypting plaintext byte(s) submitted by a calling processto the Encrypt function (FIG. 12). For each byte encrypted, theShiftStates function is first executed to alter the current internalstates of the machine including values which determine the rotationalposition of all cryptors. Using the modified internal state variables,the exemplary Encrypt function then pseudo-randomly selects an orderedset of 5 cryptors from the CryptorTable to logically construct a virtualcryptor machine instance. The Encrypt function uses three independentlyselected cryptors to direct the process, copying them to the LOCALVARIABLES Guide, Mask, and Positions in order to simplify and clarifythe illustrated instructions. This logic ensures that every CryptorTableentry is used exactly once as a Guide for each stepping of IndexHi,which is also used as the index from which 5 contiguous entries areselected from within the Guide as initial candidates. Each of these 5initial candidates is then modified using the LOCAL VARIABLE Mask, adifferent cryptor that unpredictably alters the set of 5 differentcryptors that will be used. The monoalphabetic cipher contents of theLOCAL VARIABLE Positions affect the unique, initial rotational positionof each of the 5 cryptors installed within the virtual cryptor machine.The resulting virtual cryptor machine instance is then used to encryptthe plaintext byte to produce the ciphertext byte by sequentiallyapplying the 5 cryptors, pre-adjusting the rotational position of eachcryptor with the corresponding value in Position combined with the valueof IndexLo.

The exemplary logic ensures that whenever a cryptor is used as theGuide, exactly once for each stepping of IndexHi, the set of 5 initialcandidate cryptors will be different from any set produced during theprevious 255 occasions that the same cryptor was used as the Guide.Further, every cryptor is completely changed at least once for each fullcycle of IndexHi. After 256 occasions in which a cryptor has been usedas the Guide, that cryptor will have been utterly modified by at leastone of the two exemplary morphing strategies. The pseudorandomlyselected Mask cryptor further affects the selection of the 5 differentcryptors actually used within each virtual cryptor machine instance.

Decryption Process

The Decryption Process performs the task of generating plaintext byte(s)by decrypting ciphertext byte(s) using a Decrypt function (FIG. 13),which exactly reverses the effects produced by the Encrypt functioncalled in the same machine state. For each byte decrypted, the Decryptfunction first calls upon the ShiftStates function (FIG. 11) to alterthe current state of the machine, including the task of assigning a newset of values which initially specify the rotational position of eachcryptor. Using the new internal state variables, the Decrypt functionthen uses the same logic as the Encrypt function to select the sameGuide, Mask and Position cryptors. The identical ordered set of 5different cryptor identities is then selected and the virtual inversecryptor machine instance is constructed using the corresponding inversecryptors located in the InverseTable. The virtual inverse cryptormachine instance then decrypts the ciphertext byte by sequentiallyapplying the 5 inverse cryptors in the reverse order to that of theEncrypt function, appropriately post-adjusting the intermediate resultfrom each inverse cryptor with the corresponding value in Positioncombined with the value of IndexLo, to produce the plaintext byte.

Initialization Process Initialization Parameters

The Initialization Process creates a session for encrypting plaintextinto ciphertext or decrypting ciphertext into plaintext. Decryption maybe successfully performed by recreating the same session previously usedto call upon the Encrypt function to encrypt the plaintext, and thencalling upon the Decrypt function that reverses the encryption processusing inverse cryptors to decrypt the ciphertext and exactly reproducethe plaintext. The Initialization Process is comprised of two phaseswhich use a set of user-supplied parameters to generate an unpredictableset of cryptors in the CryptorTable.

Initialization parameters may be used by the invention topseudo-randomly generate the initial values of all internal statevariables, including an unpredictable initial set of cryptors. Thefollowing values for the initialization parameters are exemplary only,and may be larger or smaller than the values indicated below. Theinitialization parameters are italicized when referenced herein.

-   -   BaseKeys Array of 256 cryptors    -   PrivateKey Array of 32 bytes (unique values in the range {0 . .        . 255})    -   SessionString Array of 64 bytes

The internal state variables are initialized using a publicly exchangedSessionString in combination with one or more shared-secret parameters,such as PrivateKey and BaseKeys. The initialization parameterSessionString is logically a string of ciphertext bytes comprisingdetailed initialization instructions that must be properly decryptedusing the shared-secret parameters to correctly interpret the directionsto modify the internal state variables. The strategy presented by theinitialization function, ApplySessionString (FIG. 15), is only one ofmany possible approaches that ensure that every single bit within the512 bits (64 bytes) of this parameter dramatically and unpredictablyaffects the entire set of internal state variables. The impact of thisparameter is made even more significant during the second phase of theinitialization process (described below) which derives all parametersfor the second phase from the results of the first phase.

The size of SessionString within this exemplary embodiment is set to be64 byte to illustrate the concept of concatenating document specificparameters, such as current date/time values, bank routing and accountnumbers, unique document numbers such as check numbers and amounts, aset of pseudo-randomly generated bytes, and possibly hash valuesgenerated by various message authentication strategies. This approachallows the creator of any encryption session to generate a uniqueSessionString that would generate an entirely different session createdfor similar or even identical documents—an important consideration thatavoids introducing cryptanalysis vulnerabilities. AlternativeSessionString sizes are practicable, but a minimum of 32 bytes isrecommended.

Other initialization parameters may be used that allow a group of peopleto exchange information securely. For example, GroupKey, a shared-secretCipherKey²⁵⁶, may be used in an alternative embodiment of the invention.GroupKey may be known only by a subset of the group of entities sharingBaseKeys and used to logically reorder the entries within BaseKeys.

Exemplary Initialization

The internal state variables may be initialized using a publiclyexchanged SessionString of 64 bytes in combination with a PrivateKey,known only by the sender and receiver, having the minimum recommendedsize of 32 bytes (64, 128, or 256, are feasible alternatives). TheBaseKeys parameter may be a set of 256 monoalphabetic ciphers for thealphabet of 256 unique byte values {0 . . . 255}, and may be madepublic, or optionally treated as a second shared-secret known to only agroup of entities. Other sizes and combinations of SessionString,PrivateKey, and sets of BaseKeys have been implemented and tested by theinventor, so the present invention is not limited to the exemplaryparameter sizes.

An exemplary embodiment of the invention generates an initial set of 256polymorphic cryptors whose continually varying values are repeatedlyused to construct transitory instances of virtual cryptor machinesemploying five different cryptors, each virtual cryptor machine beingused to encrypt only a single byte of plaintext, as explained below.

Initialization Process Functions

The tasks performed during the initialization process are directed bythe NewSession function (FIG. 18) using the user supplied initializationparameters, SessionString, PrivateKey, and BaseKeys. The NewSessionfunction employs a two-phase strategy that unpredictably alters everyinternal state variable, particularly the CryptorTable, given even asingle-bit variation in either the SessionString or PrivateKeyparameter. During the first phase, the NewSession function copies theuser-supplied BaseKeys into the CryptorTable and executes theApplyPrivateKey function (FIG. 14) which uses every value within thePrivateKey to direct repeated morphings of all cryptors in theCryptorTable, the results of previous morphings directly affectingsubsequent results. A temporary copy of SessionString is then createdand passed to the ApplySessionString function (FIG. 15) which repeatedlyencrypts it, using the generated ciphertext to twice direct the morphingof every cryptor. The MorphAllCryptors function (FIG. 16) is then calledwhich iteratively encrypts a copy of each cryptor in the CryptorTable,also using the generated ciphertext to twice direct the morphing ofevery captor in the CryptorTable.

The NewSession function then calls upon the ModifySession function (FIG.17) which performs the second phase by using the current machine statein combination with the temporary copy of the SessionString parameterthat was repeatedly encrypted during the first phase to totallyreconstruct the entire CryptorTable, influenced by the parameter, Order(a CipherKey²⁵⁶). The ModifySession function then calls upon theApplyPrivateKey, ApplySessionString and MorphAllCryptors functions torepeat their tasks. ModifySession generates the final initializationstate by iteratively calling upon the BuildInverse function (FIG. 10) tocreate the InverseTable containing the corresponding inverse cryptor ofeach cryptor in the CryptorTable. The ModifySession functionreinitializes all internal state variables, including the CryptorTable,using the previous internal states in combination with its parameters,generating an entirely new machine state. The EXTERNAL functiontherefore allows a user to create a secondary encryption session that isirrevocably linked to the previous session, a significant protocolstrategy tool.

Exemplary Initialization Protocols

In an exemplary communication protocol using the stream cipher methodsof the present invention, a message sender initializes a stream ciphersession using a specific set of the initialization parameters,constructing a virtual stream cipher machine that may be used to encryptpracticably unlimited amounts of digital data that may be sent as aseries of ciphertext messages to a distant receiver. The authorizedreceiver of the ciphertext messages, privy to all parameters used toinitialize the sender's session, is able to initialize the same streamcipher session which may be used to decrypt the received ciphertextmessages into plaintext.

More advanced protocols may adopt the practice of creating two separatestream cipher sessions to support communications. A primary session iscreated by each party as described above using a shared-secretPrivateKey and a publicly exchanged SessionString. A secondaryencryption session is then also created by each party usingpseudo-randomly generated PrivateKey and SessionString parameters. Theseparameters, encrypted using the primary session, may be securelyexchanged by two cooperating parties over any public communicationsnetwork, allowing both parties to create two identical secondarysessions. Each party uses their own secondary session to encryptplaintext data into ciphertext before transmitting it to the secondparty. This approach ensures that no stream cipher session created usingthe shared-secret PrivateKey in combination with a publicly exchangedSessionString is ever used to encrypt any plaintext data subject tofrequency analysis based cryptanalysis attacks. The pseudo-randomlygenerated parameters used to create the secondary sessions are totallytransitory, never to be used again.

Similarly, such secondary stream cipher sessions could be used by anyonewith a PrivateKey to encrypt and decrypt data written to disk. Eachencrypted file could contain a header record that provides the encryptedPrivateKey and SessionString used to create the secondary session, aswell as the unencrypted SessionString used with the PrivateKey toinitialize the primary session that was used to encrypt the secondaryPrivateKey and SessionString.

Processing System Description

The encryption/decryption processes of the invention allow one or moreparties to communicate securely through various communication andtransmission systems, or for any single party to protect data within afile storage system. The methods of the invention may be implemented onany digital data processor. Embodiments of the invention may beprogrammed or otherwise embodied in software configured for execution ona data processor. Such software may be stored in the data processorand/or any suitable non-transitory storage medium. Embodiments of thestream cipher of the invention may also be implemented as a hardwaredevice, an application specific integrated circuit, or chip, which mayreside on a hand-held communications device such as a cell phone orwireless network card.

An exemplary encryption system according to an embodiment of theinvention may incorporate an encryption processor 100 as shown in FIG.19. The encryption processor 100 is configured for encrypting a plaintext message into ciphertext using any of the methods of the invention,including, for example, the general method depicted in FIG. 2. Theprocessing system 100 comprises a message receiving portion 110, whichmay include without limitation a user interface for receiving input andinstructions directly from a user, one or more interfaces with otherportions of the processor 100 and/or other processors and processingsystems, an interface with one or more local or wide area networks,and/or an interface with a telecommunications network. The messagereceiving portion 110 is configured for receiving a message forencryption processing and any accompanying information or instructionsvia any of the above input sources.

The processor 100 further comprises a parameters selection portion 120configured to generate or receive a set of initialization parameters foruse in establishing an encryption session. The parameters selectionportion 120 may be configured to generate the initialization parametersbased on a sessionstring and/or secret-key information provided by asession initiator or from other information accompanying the message tobe encrypted and/or previous key information stored in a database orseparately provided by a user. The parameters selection portion 120passes the initialization parameters to an initialization portion 125configured to initialize the state variables for an encryption instance.The initialization portion 125 may be configured to carry out anyinitialization process, including the methodology described above.

The processor 100 also comprises a cryptor set configuration portion 130adapted to construct a set of M cryptors based on the state variables ofthe system. The cryptor set configuration portion 130 may also beconfigured to modify the cryptor set during the encryption of a messageaccording to the methods described herein. The functions of theinitialization portion 125 and cryptor set configuration portion 130 maybe carried out by a single initialization and cryptor set configurationportion (not shown). The encryption portion 140 of the processor 100 isadapted to select a subset of the cryptor set constructed by the cryptorset configuration portion 130 and sequentially apply them to encrypt asingle plaintext message byte. The basis for selection of this subsetmay be varied according to the methods described herein.

The cryptor set configuration portion 130 may also be configured toconstruct a set of M inverse cryptors, each of the inverse cryptorsbeing the inverse of a corresponding one of the set of M cryptors.Further, the encryption portion 140 may be configured to apply theinverse cryptors to process previously encrypted message bytes asdiscussed above.

The encrypted message assembly and transmission portion 150 may beadapted to assemble the ciphertext message and transmit or otherwiseoutput the message. The encrypted message assembly and transmissionportion 150 may include an interface to any of the input-output sourcesdescribed above in conjunction with the message receiving portion 110.

It will be understood that the message receiving portion 110, parametersselection portion 120, initialization portion 125, cryptor setconfiguration portion 130, encryption portion 140 and encrypted messageassembly and transmission portion 150 may be distributed among one ormore data processors or data processing systems. All of these elementsmay for example be provided on a single user data processor.Alternatively, the various components of the encryption processor 100may be distributed among a plurality of data processors in selectivecommunication via a network.

It will also be understood that the actions of any of the methodsdescribed herein may be embodied in instructions stored on acomputer-readable storage medium for use in conjunction with aprogrammable data processor.

FIG. 20 illustrates a cryptographic system 200 having an encryptionprocessor 210 and decryption processor 220 that may be in selectivecommunication over a network 230. Each of the processors 210, 220 areconfigured as described above for the processor 100 of FIG. 19 exceptthat the processor 220 has decryption and decrypted message assembly andtransmission portions rather than encryption and encrypted messageassembly and transmission portions. It will be understood that eitherprocessor may have portions configured for both encryption anddecryption. The network 230 may be the Internet or any other computernetwork or any form of telecommunications network. The encryption anddecryption processors may each be any form of data processorprogrammable for implementing one or more of the methods of theinvention. One or both of the processors 210, 220 may, for example, beor include any form of computer, programmable telecommunications device(e.g., a smart phone, smart pad, or smart card).

ADDITIONAL EMBODIMENTS Varying the Methods and/or Parameters Used by theInitialization Process

The number of possible alternative strategies, and combinations ofstrategies, which may be used to generate the initial internal states ofthe stream cipher of the present invention is practically unlimited.Many alternative embodiments using a multitude of different strategiesand combinations of strategies have been developed and successfullytested. The exemplary Initialization Process illustrates methods thatmay be used in combination to generate the monoalphabetic contents ofthe large plurality of cryptors in a manner which ensures that evenminor changes anywhere within the suite of input parametersunpredictably impact every cryptor. In particular, as illustrated in theexemplary embodiment, the reapplication of the methods during the secondphase magnifies the impact of a single bit variation in any parametersuch that wholesale changes are produced in all cryptors. It should benoted that the exemplary embodiment illustrates methods which ensurethat all such changes within the Initialization Process impact only theinitial internal state variables of the stream cipher of the invention,and are transparent to methods subsequently employed during encryptionand decryption processes.

As previously discussed, additional initialization parameters, ordifferent sized initialization parameters, may be introduced inalternative embodiments. Other alternative embodiments increase ordecrease the number of cryptors initially supplied to performinitialization, and others vary the size of the shared-secret privatekeys.

Another embodiment accepts an additional initialization input parameter,a shared-secret cryptor whose values may be used to reorder the largeplurality of cryptors before, during, and/or after other methods areused to scramble their monoalphabetic contents. The impact of thisparameter is magnified by the fact that the initialization methods usedduring the Initialization Process are not associative. Even minorchanges in the order of the large plurality of cryptors beforeinitialization, such as swapping the locations of two cryptors, causewholesale changes to the monoalphabetic contents subsequently producedby the methods. The introduction of this parameter allows the creationof stream cipher sessions using a publicly exchanged private key,permitting groups whose members all know the shared-secret “group key”to communicate securely. As described elsewhere, a protocol should beemployed that ensures that such sessions are used only to protect theexchange of pseudo-random values required to create secondary sessions.

Varying the Methods Used by the State Modification Process

The number of possible alternative strategies and combinations ofstrategies, which may be used to selectively modify the internal statesof the stream cipher of the present invention is also practicallyunlimited. Dozens of methods have been developed and tested withinalternative embodiments which use such strategies to pseudo-randomlymodify the contents of the polymorphic chamber containing the largeplurality of cryptors, using the resulting values to generate sequencesof unpredictable values to direct subsequent modifications. The methodsemployed within such embodiments include the use of progressive and/orpseudo-random processes which selectively call upon one or more suchmethods prior to each process iteration. A progressive process may becontrolled by values produced using separate index variables togradually step through sequences to modify the entire contents of everycryptor. A pseudo-random process may be controlled by using residuevalues from the previous process iteration, or sequences of valuesproduced by irregularly stepping additional index variables, or acombination of both, to selectively exchange pairs of values within acryptor.

Examples of these methods, any of which may be unpredictably structuredand/or applied, include:

-   -   altering index values controlling stepping sequences    -   altering the rotational position value of one or more cryptors    -   altering the locations of all cryptors and their inverse        cryptors    -   swapping one (or more) pairs of locations within selected        cryptors and making appropriate changes to the corresponding        inverse cryptor    -   swapping locations of two cryptors (and the corresponding        inverse cryptors)    -   swapping a cryptor with its inverse cryptor    -   generating new cryptors using more than two cryptors to affect        results

Varying the Actions Performed by the Virtual Cryptor Machines

The logical application of a virtual cryptor in a given rotationalposition to encrypt an input byte may be varied by using any one ofdozens of different strategies, each strategy producing differentencryption results when applied to the entire plaintext alphabet. In theexemplary embodiment, the byte value logically specifying the rotationalposition of a cryptor is combined with the value of the input byte to beencrypted using addition, modulo 256. The resultant value is used as anindex into the virtual cryptor array to obtain a value within thecurrent monoalphabetic cipher to replace the input byte. This strategysimulates application of each rotor as applied within the prior-artelectro-mechanical rotor machines. However, in a virtual machine, dozensof different strategies might be employed that variably combine therotational position and input byte values either before or after(perhaps, even without) using the cryptor.

Strategies have been developed and successfully tested in alternativeembodiments that use varying operators to combine the data value androtational cryptor position prior to indexing into each cryptor, otherstrategies first index into a cryptor with one of the two values andthen variably use different operators (e.g. subtraction, addition,Boolean exclusive-or) to combine the resultant value with the other ofthe two values. Still other embodiments might variably use pseudo-randominternal state variables such as X, Y, or Z, either as a substitute forthe cryptor position or to alter its position, or even on occasion tooperate directly upon the data value (perhaps in combination with thecryptor position value) using a Boolean exclusive-or without actuallyusing the cryptor itself.

Many other embodiments of the stream cipher of the invention have alsobeen developed and successfully tested that employ one or moreadditional values which may be used to vary the number of cryptorsapplied by different virtual cryptor machine instances. Each of thesestrategies dramatically increases the number of different possiblemonoalphabetic ciphers that may be produced to encrypt each input databyte. Such values may be pseudo-randomly generated within each processiteration by variably combining residual values retained from theprevious process iteration in the internal state variables X, Y, and Z.For example, the number of cryptors actually applied by each virtualcryptor machine instance may be varied, within a limited range ofvalues. Thus, rather than each cryptor machine instance applying a fixednumber of cryptors as illustrated in the exemplary embodiments above,pseudo-randomly varying the number of cryptors within the range {3 . . .7}, would result in an average of approximately 5 cryptors being appliedfor a large number of process iterations. This innovation alone,appearing simple in concept, introduces additional significantchallenges to any cryptanalysis strategies.

Another embodiment may pseudo-randomly specify one or more individualcryptors within the large plurality (or one or more positions withineach virtual cryptor machine) that logically would be skipped during thesequential application of cryptors within a process iteration. Thisstrategy further unpredictably varies the number of cryptors actuallyapplied to encrypt each plaintext byte. Similarly, another embodimentstrategy is to pseudo-randomly specify one or more individual cryptorswithin the large plurality (or one or more positions within each virtualcryptor machine) which, if applied within the cryptor machine instance,would be immediately applied again to re-encrypt the previous result.Further, such a second application of a cryptor could optionally beperformed with, or without, using the rotational position of the cryptorto influence results. Another approach may be to use the result of thesecond application not simply to produce the new encrypted value asusual, but to use the results to modify the previous results byaddition, subtraction, or the Boolean exclusive-or operation.

Similarly, another exemplary embodiment may use a pseudo-randomlygenerated value to specify an additional cryptor (or inverse cryptor)within the large plurality that may be applied before and/or after eachcryptor machine instance completes its tasks. Another approach may be touse such a value to directly modify the input value (addition,subtraction, or Boolean exclusive-or) before and/or after each cryptormachine instance completes its tasks.

Many such strategies, and combinations of strategies, have beendeveloped and tested but are not illustrated in the exemplary embodimentwhich is presented herein to illustrate the power and efficacy of thefour major revolutionary concepts: the dynamic cryptor; thecorresponding dynamic inverse cryptor; the polymorphic chamber of alarge plurality of cryptors used to generate sequences of virtualcryptor machines; and the use of the swirling miasma of values createdby the dynamic contents of the polymorphic chamber as a source ofunpredictable sequences of pseudo-random values that may be used todrive associated methods and functions.

Varying the Encryption Method

In an alternate embodiment, the stream cipher methods of the inventionmay be configured as a “random number generator” that requires nodigital information stream to encrypt and no separate decryptionprocess. This embodiment of the stream cipher, using the sameinitialization methods, performs exactly as within the exemplaryembodiment except that a “target” byte is pseudo-randomly selected andthen encrypted by a virtual cryptor machine instance rather than theinput data byte of the exemplary embodiment. Called repeatedly, or usingparameters that indicate the length and an address to store a sequence,a stream of encrypted target bytes is pseudo-randomly generated that maybe used by other processes. For example, such a stream of values may becombined with a corresponding stream of plaintext message bytes usingthe Boolean exclusive-or operator, producing a stream of ciphertextbytes. A message encrypted using this approach may be decrypted simplyby using the same initialization parameters to generate the identicalsequences of encrypted target bytes, and using the Boolean exclusive-oroperator to combine each byte of the encrypted ciphertext message withthe corresponding byte of stream of encrypted target bytes, exactlyreproducing the plaintext message.

A major advantage of such a random number generator based upon thestream cipher methods of the present invention is that the set ofinitialization parameters used to generate the initial internal machinestates for any session may be entirely generated from a previoussession. Such a “feedback” approach would be extremely effective as amethod to generate unpredictable sequences of values for purposes otherthan encryption that do not require that the sequences be reproduced.

To those skilled in the art of cryptography, it is understood thatmethods using a random number generator with such a “combining strategy”is subject to “known plaintext” attacks which allow an unauthorizedrecipient to intercept and strip away the known plaintext of a message,thereby obtaining the stream of generated values. The attacker is thenable to effectively “forge” a message using a substitute plaintextmessage of the same length, appropriately combining it with the revealedstream of generated values such that any authorized recipient whodecrypts the changed ciphertext will obtain the plaintext of the forgedmessage, and would be unaware of the substitution. Substitution streamciphers are not subject to such known plaintext attacks correctlymodifying intercepted ciphertext. However, such attacks have provedeffective in generating valuable cryptanalysis statistics wheneverstream ciphers have been used to encrypt multiple messages of knownplaintext using the same (or even similar) internal states. However,with proper initialization protocols, the internal states of the streamcipher of the present invention will always vary so dramatically fromsession to session that it is extremely unlikely that the set cryptorsof two different sessions will ever contain even one identicalmonoalphabetic cipher after initialization.

It will be readily understood by those persons skilled in the art thatthe present invention is susceptible to broad utility and application.Many embodiments and adaptations of the present invention other thanthose herein described, as well as many variations, modifications andequivalent arrangements, will be apparent from or reasonably suggestedby the present invention and foregoing description thereof, withoutdeparting from the substance or scope of the invention.

While the foregoing illustrates and describes exemplary embodiments ofthis invention, it is to be understood that the invention is not limitedto the construction disclosed herein. The invention can be embodied inother specific forms without departing from the spirit or essentialattributes.

1-21. (canceled)
 22. A method for processing using a data processor adigital information set having a plurality of information bytes, themethod comprising: initializing a set of state variables; generating aplurality of cryptors, each cryptor being a virtual dynamic arraycontaining a monoalphabetic cipher and having an associated index valuerepresenting a rotational position of the cryptor; modifying one or morevalues included within one or more of the set consisting of the statevariables, the plurality of cryptors, and the index values of theplurality of cryptors; selecting an ordered cryptor subset to be appliedto an information byte; processing a selected one of the plurality ofinformation bytes using the ordered cryptor subset to produce aprocessed information byte; repeating the actions of modifying,selecting and processing for each remaining information byte of theinformation set, each performance cycle of the actions of modifying,selecting, and processing constituting a process iteration; andassembling the processed information bytes from all process iterationsto form an output information set.
 23. A method according to claim 22,wherein the information bytes are plaintext bytes or ciphertext bytesproduced from plaintext bytes, and wherein if the information bytes areplaintext bytes, then each processed information byte is a ciphertextbyte and if the information bytes are ciphertext bytes, then eachprocessed information byte is a plaintext byte.
 24. A method accordingto claim 22 wherein the action of processing a selected one of theplurality of information bytes includes: sequentially applying eachcryptor in the ordered cryptor subset to an input byte, the input bytefor a first cryptor application being the selected one of the pluralityof information bytes and for each subsequent cryptor application, theinput byte being a resultant output byte from the preceding cryptorapplication, the processed information byte being the output byte from afinal cryptor application.
 25. A method according to claim 24 whereinthe action of applying each cryptor includes: combining the input bytewith the index value associated with the cryptor being applied to createan intermediate output byte, and using the intermediate output byte asan index into the cryptor virtual array to obtain the output byte forthe cryptor application.
 26. A method according to claim 25 wherein theaction of combining the input byte with the index value associated withthe cryptor includes at least one of the set consisting of adding theinput byte and the index value, applying a Boolean exclusive-or operatorto the input byte and the index value, and subtracting the index valuefrom the input byte.
 27. A method according to claim 24 wherein theaction of applying each cryptor includes: using the input byte as anindex into the cryptor virtual array to obtain an intermediate outputbyte, and combining the intermediate output byte with the index valueassociated with the cryptor being applied to produce the output byte forthe cryptor application.
 28. A method according to claim 22 furthercomprising: generating a plurality of inverse cryptors equal in numberto the plurality of cryptors, each inverse cryptor containing a uniquemonoalphabetic cipher that reverses an encryption effect of acorresponding one of the plurality of cryptors and having the sameassociated index value as the corresponding one of the plurality ofcryptors.
 29. A method according to claim 28 wherein the information setis a ciphertext message comprising information bytes that are eachciphertext bytes, the ciphertext message being a result of a previousencryption of a plaintext message based on the initialization parametersand the output information set being a reproduced version of theplaintext message, and wherein the action of processing a selected oneof the plurality of information bytes includes: sequentially applying,in reverse order, the inverse cryptor corresponding with each cryptor inthe ordered cryptor subset, to an input byte, the input byte for a firstinverse cryptor application being the selected one of the plurality ofinformation bytes and for each subsequent inverse cryptor application,the input byte being a resultant output byte from the preceding inversecryptor application, the processed information byte being the outputbyte from a final inverse cryptor application.
 30. A method according toclaim 29 wherein the action of applying the inverse cryptorcorresponding with each cryptor includes: using the input byte as anindex into the inverse cryptor virtual array to obtain an intermediateoutput byte, and combining the intermediate output byte with the indexvalue associated with the inverse cryptor being applied to produce theoutput byte for the inverse cryptor application.
 31. A method accordingto claim 30 wherein the action of combining the intermediate output bytewith the index value associated with the inverse cryptor being appliedincludes at least one of the set consisting of adding the index value tothe intermediate output byte, using a Boolean exclusive-or operator toapply the index value to the intermediate output byte, and subtractingthe index value from the intermediate output byte.
 32. A methodaccording to claim 22 wherein the action of processing a selected one ofthe plurality of information bytes includes: determining a pseudo-randomtarget information byte; sequentially applying each rotationallypositioned cryptor in the ordered cryptor subset to the targetinformation byte to produce a processed target byte; and combining theprocessed target byte with the selected one of the plurality ofinformation bytes to produce the processed information byte.
 33. Amethod according to claim 32 wherein the action of combining theprocessed target byte with the selected one of the plurality ofinformation bytes includes at least one of the set consisting of addingthe processed target byte and the selected one of the plurality ofinformation bytes, applying a Boolean exclusive-or operator to apply theprocessed target byte to the selected one of the plurality ofinformation bytes, and subtracting the selected one of the plurality ofinformation bytes from the processed target byte.
 34. A method accordingto claim 22 wherein the action of initializing includes: constructingthe set of state variables using values derived from a publicinformation string and one or more private information strings.
 35. Amethod according to claim 22 further comprising: changing the number ofcryptors in the ordered cryptor subset during one or more of the processiterations.
 36. A method according to claim 22 wherein the action ofmodifying includes at least one modification selected from the setconsisting of altering the contents of one or more of the plurality ofcryptors, replacing one or more of the plurality of cryptors, swappinglocations of one or more pairs of values within cryptors of theplurality of cryptors, and stepping one or more state variables thataffect subsequent process iterations.
 37. A method according to claim 22wherein the action of selecting an ordered cryptor subset from theplurality of cryptors includes: pseudo-randomly selecting the cryptorsof the ordered cryptor subset from the plurality of cryptors based onone or more of the state variables.
 38. A method according to claim 22wherein the action of processing a selected one of the plurality ofinformation bytes includes pseudo-randomly generating a target byte,sequentially applying each cryptor in the ordered cryptor subset to aninput byte, the input byte for a first cryptor application being thetarget byte and for each subsequent cryptor application, the input bytebeing a resultant output byte from the preceding cryptor application,the output byte from a final cryptor application being the processedinformation byte.
 39. An automated system for processing an informationset having a plurality of information bytes, the system comprising: anon-transitory data storage medium; at least one data processor incommunication with the non-transitory data storage medium; and ahardware interface configured for establishing selective communicationbetween the at least one data processor and at least one of the setconsisting of a user for direct information input therefrom, externaldata processors, one or more local or wide area networks, and atelecommunications network, wherein the non-transitory storage mediumhas stored therein software configured for execution on the at least onedata processor to cause the at least one data processor to carry out theactions of receiving the information set via the hardware interface,initializing a set of state variables, generating, for each of aplurality of process iterations, using the set of state variables, aplurality of cryptors, each of the plurality of cryptors being a virtualdynamic array containing a monoalphabetic cipher and having anassociated index value representing a rotational position of thecryptor, selecting, for each of the plurality of encryption iterations,an ordered cryptor subset comprising a number of the plurality ofcryptors, processing, during each of the plurality of iterations, aselected one of the plurality of information bytes using the orderedcryptor subset to produce a processed information byte, and assemblingthe encrypted information bytes from all encryption iterations to forman encrypted information set.
 40. An automated system according to claim39 wherein the action of processing the selected one of the plurality ofinformation bytes includes sequentially applying each cryptor in theordered cryptor subset to an input byte, the input byte for a firstcryptor application being the selected one of the plurality ofinformation bytes and for each subsequent cryptor application, the inputbyte being a resultant output byte from the preceding cryptorapplication, the processed information byte being the output byte from afinal cryptor application.
 41. An automated system according to claim 39wherein the software is further configured for execution on the at leastone data processor to cause the at least one data processor to carry outthe action of generating a plurality of inverse cryptors equal in numberto the plurality of cryptors, each inverse cryptor containing a uniquemonoalphabetic cipher that reverses an encryption effect of acorresponding one of the plurality of cryptors and having the same indexvalue as the corresponding one of the plurality of cryptors.
 42. Anautomated system according to claim 41 wherein the software is furtherconfigured for execution on the at least one data processor to cause theat least one data processor to carry out the action of sequentiallyapplying, in reverse order, the inverse cryptor corresponding with eachcryptor in the ordered cryptor subset to an input byte, the input bytefor a first inverse cryptor application being the selected one of theplurality of information bytes and for each subsequent inverse cryptorapplication, the input byte being a resultant output byte from thepreceding inverse cryptor application, the processed information bytebeing the output byte from a final inverse cryptor application.
 43. Anautomated system according to claim 39 wherein the at least one dataprocessor is or includes one of the set consisting of an integratedcircuit and a chip.
 44. An automated system according to claim 39wherein the at least one data processor is or includes a component of acommunications device.